Commit Graph

156 Commits

Author SHA1 Message Date
Thomas Tanner 28986da4ca Fixed #5986 -- Added ability to customize order of Form fields 2015-03-16 09:12:57 -04:00
Tim Graham 0ed7d15563 Sorted imports with isort; refs #23860. 2015-02-06 08:16:28 -05:00
Tim Graham a53541852d Removed contrib.auth.forms.mask_password()
This function is unused since dce820ff70
after being introduced in 718a5ba1a1
2015-02-02 11:13:14 -05:00
Tim Graham 271d4f8f85 Fixed #23948 -- Moved password help text from the template to the form.
Thanks Mithos for the report and patch.
2014-12-26 08:09:12 -05:00
Berker Peksag 560b4207b1 Removed redundant numbered parameters from str.format().
Since Python 2.7 and 3.1, "{0} {1}" is equivalent to "{} {}".
2014-12-03 14:27:38 -05:00
Carl Meyer 89559bcfb0 Fixed #23409 -- Extract PasswordResetForm.get_users method.
Allows easier customization of policies regarding which users are allowed to
reset their password.

Thanks Aymeric for review.
2014-09-03 12:25:11 -06:00
Gabriel Muñumel deed00c0d8 Fixed #23162 -- Renamed forms.Field._has_changed() to has_changed(). 2014-08-15 08:14:45 -04:00
Iain Dawson 8fbf13a6c8 Replaced instances of 'his/her' with 'their'. 2014-07-21 19:49:12 +00:00
Yin Jifeng 849538d03d Fixed #13147 -- Moved User validation logic from form to model. 2014-07-10 09:36:43 -04:00
Jorge C. Leitão a00b78b1e2 Fixed #17431 -- Added send_mail() method to PasswordResetForm.
Credits for the initial patch go to ejucovy;
big thanks to Tim Graham for the review.
2014-06-10 14:00:52 -04:00
Tim Graham ed4c2e1c0d Fixed #22329 -- Used label_tag() in some admin auth templates.
refs #17922.
2014-03-29 08:54:56 -04:00
Aymeric Augustin 9ffab9cee1 Moved RequestSite and get_current_site.
Following the app-loading refactor, these objects must live outside of
django.contrib.sites.models because they must be available without
importing the django.contrib.sites.models module when
django.contrib.sites isn't installed.

Refs #21680. Thanks Carl and Loic for reporting this issue.
2014-01-26 08:50:47 +01:00
Aymeric Augustin 8f04f53dd8 Removed a few gratuitous lambdas. 2013-12-26 14:03:50 +01:00
Loic Bistuer 6685713869 Fixed E127 pep8 warnings. 2013-12-14 11:59:15 -05:00
Claude Paroz 5f52590368 Fixed #21291 -- Ensured inactive users cannot reset their passwords
Thanks kz26 for the report and the suggested fix. Refs #19758.
2013-10-19 10:43:06 +02:00
Florian Apolloner 5d74853e15 Revert "Ensure that passwords are never long enough for a DoS."
This reverts commit aae5a96d57.

This fix is no longer necessary, our pbkdf2 (see next commit) implementation
no longer rehashes the password every iteration.
2013-09-24 21:01:21 +02:00
Tim Graham 18ffdb1772 Fixed #17627 -- Renamed util.py files to utils.py
Thanks PaulM for the suggestion and Luke Granger-Brown and
Wiktor Kołodziej for the initial patch.
2013-09-16 12:52:05 -04:00
Russell Keith-Magee aae5a96d57 Ensure that passwords are never long enough for a DoS.
* Limit the password length to 4096 bytes
  * Password hashers will raise a ValueError
  * django.contrib.auth forms will fail validation
* Document in release notes that this is a backwards incompatible change

Thanks to Josh Wright for the report, and Donald Stufft for the patch.

This is a security fix; disclosure to follow shortly.
2013-09-15 13:42:23 +08:00
Simon Charette 11cd7388f7 Fixed #20989 -- Removed useless explicit list comprehensions. 2013-08-30 10:57:51 -04:00
Justin Michalicek 6d88d47be6 Fixed #20832 -- Enabled HTML password reset email
Added optional html_email_template_name parameter to password_reset view
and PasswordResetForm.
2013-08-05 09:47:28 -04:00
Curtis Maloney 07876cf02b Deprecated SortedDict (replaced with collections.OrderedDict)
Thanks Loic Bistuer for the review.
2013-08-04 07:09:39 -04:00
Tim Graham a1889397a9 Fixed #12103 -- Added AuthenticationForm.confirm_login_allowed to allow customizing the logic policy.
Thanks ejucovy and lasko for work on the patch.
2013-07-31 13:54:05 -04:00
Kirill Fomichev 33242fe015 Fixed #19019 -- Fixed UserAdmin to log password change.
Thanks Tuttle for the report.
2013-07-23 08:33:07 -04:00
Claude Paroz 6118d6d1c9 More import removals
Following the series of commits removing deprecated features in
Django 1.7, here are some more unneeded imports removed and other
minor cleanups.
2013-06-29 11:58:36 +02:00
Ramiro Morales f02a703ca6 Removed AuthenticationForm.check_for_test_cookie() as per deprecation TL. 2013-06-28 21:48:15 -03:00
Tim Graham 1184d07789 Fixed #14881 -- Modified password reset to work with a non-integer UserModel.pk.
uid is now base64 encoded in password reset URLs/views. A backwards compatible
password_reset_confirm view/URL will allow password reset links generated before
this change to continue to work. This view will be removed in Django 1.7.

Thanks jonash for the initial patch and claudep for the review.
2013-06-26 13:11:47 -04:00
Erik Romijn aeb1389442 Fixed #20079 -- Improve security of password reset tokens 2013-06-18 20:02:00 +02:00
Loic Bistuer ee77d4b253 Fixed #20199 -- Allow ModelForm fields to override error_messages from model fields 2013-06-18 08:01:17 -04:00
Ramiro Morales 0fa8d43e74 Replaced `and...or...` constructs with PEP 308 conditional expressions. 2013-05-26 23:47:50 -03:00
Mark Huang 0732c8e8c6 Fixed #20357 -- Allow empty username field label in `AuthentificationForm`. 2013-05-16 11:41:52 -04:00
Luke Plant f026a519ae Fixed #19733 - deprecated ModelForms without 'fields' or 'exclude', and added '__all__' shortcut
This also updates all dependent functionality, including modelform_factory
 and modelformset_factory, and the generic views `ModelFormMixin`,
 `CreateView` and `UpdateView` which gain a new `fields` attribute.
2013-05-09 16:44:36 +01:00
Preston Holmes 22d82a7742 Fixed #15198 -- pass request to AuthenticationForm
Thanks to Ciantic for the report, claudep and slurms for initial work
2013-02-23 15:28:49 -08:00
Preston Holmes 9d2c0a0ae6 Removed superfluous cookie check from auth login.
This is ensured through the CSRF protection of the view
2013-02-23 15:28:49 -08:00
Horst Gutmann 2f4a4703e1 Fixed #19758 -- Avoided leaking email existence through the password reset form. 2013-02-23 14:31:21 +01:00
Claude Paroz 1686e0d184 Fixed #18460 -- Fixed change detection of ReadOnlyPasswordHashField
Thanks jose.sanchez et ezeep.com for the report and Vladimir Ulupov
for the initial patch.
2013-01-25 21:27:49 +01:00
Florian Apolloner cc4de61a2b Fixed #19596 -- Use `_default_manager` instead of `objects` in the auth app.
This is needed to support custom user models which don't define a manager
named `objects`.
2013-01-22 12:47:34 +01:00
Nick Sandford cdad0b28d4 Fixed #19573 -- Allow override of username field label in AuthenticationForm 2013-01-10 09:06:04 +01:00
Russell Keith-Magee 27f8129d64 Fixed #19368 -- Ensured that login error messages adapt to changes in the User model.
Thanks to un33k for the report.
2012-12-15 22:44:47 +08:00
Claude Paroz a0cd6dd11e Fixed #19349 -- Fixed re-rendering of ReadOnlyPasswordHashWidget
Thanks tim.bowden at mapforge.com.au for the report, Andreas Hug
for the patch and Anton Baklanov for the review.
2012-12-01 12:22:43 +01:00
Claude Paroz 0eeae15056 Fixed #19354 -- Do not assume usermodel.pk == usermodel.id
Thanks markteisman at hotmail.com for the report.
2012-11-29 21:45:43 +01:00
Preston Holmes 4ea8105120 Fixed #19061 -- added is_active attribute to AbstractBaseUser 2012-10-28 23:04:03 -07:00
Russell Keith-Magee 04b53ebfb7 Fixed #19133 -- Corrected regression in form handling for user passwords.
Thanks to pressureman for the report, and to Preston Holmes for the draft patch.
2012-10-20 11:41:54 +08:00
Russell Keith-Magee bfcda7781a Fixed #19130 -- Made some of the auth forms more flexible for user models. 2012-10-16 16:03:29 +08:00
Russell Keith-Magee c433fcb3fb Fixed #19077, #19079 -- Made USERNAME_FIELD a required field, and modified UserAdmin to match. 2012-10-13 11:44:50 +08:00
Adrien Lemaire 2c8267bf3d Fixed #17899 -- Rewrote [Ee]-mail to [Ee]mail 2012-09-26 14:14:51 +02:00
Russell Keith-Magee 70a0de37d1 Fixed #3011 -- Added swappable auth.User models.
Thanks to the many people that contributed to the development and review of
this patch, including (but not limited to) Jacob Kaplan-Moss, Anssi
Kääriäinen, Ramiro Morales, Preston Holmes, Josh Ourisman, Thomas Sutton,
and Roger Barnes, as well as the many, many people who have contributed to
the design discussion around this ticket over many years.

Squashed commit of the following:

commit d84749a0f0
Merge: 531e771 7c11b1a
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Wed Sep 26 18:37:04 2012 +0800

    Merge remote-tracking branch 'django/master' into t3011

commit 531e7715da
Merge: 29d1abb 1f84b04
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Wed Sep 26 07:09:23 2012 +0800

    Merged recent trunk changes.

commit 29d1abbe35
Merge: 8a527dd 54c81a1
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Mon Sep 24 07:49:46 2012 +0800

    Merge remote-tracking branch 'django/master' into t3011

commit 8a527dda13
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Mon Sep 24 07:48:05 2012 +0800

    Ensure sequences are reset correctly in the presence of swapped models.

commit e2b6e22f29
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Sun Sep 23 17:53:05 2012 +0800

    Modifications to the handling and docs for auth forms.

commit 98aba856b5
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Sun Sep 23 15:28:57 2012 +0800

    Improved error handling and docs for get_user_model()

commit 0229209c84
Merge: 6494bf9 8599f64
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Sun Sep 23 14:50:11 2012 +0800

    Merged recent Django trunk changes.

commit 6494bf91f2
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Mon Sep 17 21:38:44 2012 +0800

    Improved validation of swappable model settings.

commit 5a04cde342
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Mon Sep 17 07:15:14 2012 +0800

    Removed some unused imports.

commit ffd535e413
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Sun Sep 16 20:31:28 2012 +0800

    Corrected attribute access on for get_by_natural_key

commit 913e1ac84c
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Sun Sep 16 20:12:34 2012 +0800

    Added test for proxy model safeguards on swappable models.

commit 280bf19e94
Merge: dbb3900 935a863
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Sun Sep 16 18:16:49 2012 +0800

    Merge remote-tracking branch 'django/master' into t3011

commit dbb3900775
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Sun Sep 16 18:09:27 2012 +0800

    Fixes for Python 3 compatibility.

commit dfd72131d8
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Sun Sep 16 15:54:30 2012 +0800

    Added protection against proxying swapped models.

commit abcb027190
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Sun Sep 16 15:11:10 2012 +0800

    Cleanup and documentation of AbstractUser base class.

commit a9491a8776
Merge: fd8bb4e 08bcb4a
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Sun Sep 16 14:46:49 2012 +0800

    Merge commit '08bcb4aec1ed154cefc631b8510ee13e9af0c19d' into t3011

commit fd8bb4e3e4
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Sun Sep 16 14:20:14 2012 +0800

    Documentation improvements coming from community review.

commit b550a6d06d
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Sun Sep 16 13:52:47 2012 +0800

    Refactored skipIfCustomUser into the contrib.auth tests.

commit 52a02f1110
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Sun Sep 16 13:46:10 2012 +0800

    Refactored common 'get' pattern into manager method.

commit b441a6bbc7
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Sun Sep 16 13:41:33 2012 +0800

    Added note about backwards incompatible change to admin login messages.

commit 08bcb4aec1
Author: Anssi Kääriäinen <akaariai@gmail.com>
Date:   Sat Sep 15 18:30:33 2012 +0300

    Splitted User to AbstractUser and User

commit d9f5e5addb
Author: Anssi Kääriäinen <akaariai@gmail.com>
Date:   Sat Sep 15 18:30:02 2012 +0300

    Reworked REQUIRED_FIELDS + create_user() interaction

commit 579f152e4a
Merge: 9184972 93e6733
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Sat Sep 15 20:18:37 2012 +0800

    Merge remote-tracking branch 'django/master' into t3011

commit 918497218c
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Sat Sep 15 20:18:19 2012 +0800

    Deprecate AUTH_PROFILE_MODULE and get_profile().

commit 334cdfc1bb
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Sat Sep 15 20:00:12 2012 +0800

    Added release notes for new swappable User feature.

commit 5d7bb22e8d
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Sat Sep 15 19:59:49 2012 +0800

    Ensure swapped models can't be queried.

commit 57ac6e3d32
Merge: f2ec915 abfba3b
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Sat Sep 15 14:31:54 2012 +0800

    Merge remote-tracking branch 'django/master' into t3011

commit f2ec915b20
Merge: 1952656 5e99a3d
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Sun Sep 9 08:29:51 2012 +0800

    Merge remote-tracking branch 'django/master' into t3011

commit 19526563b5
Merge: 2c5e833 c4aa26a
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Sun Sep 9 08:22:26 2012 +0800

    Merge recent changes from master.

commit 2c5e833a30
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Sun Sep 9 07:53:46 2012 +0800

    Corrected admin_views tests following removal of the email fallback on admin logins.

commit 20d1892491
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Sun Sep 9 01:00:37 2012 +0800

    Added conditional skips for all tests dependent on the default User model

commit 40ea8b8882
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Sat Sep 8 23:47:02 2012 +0800

    Added documentation for REQUIRED_FIELDS in custom auth.

commit e6aaf65970
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Sat Sep 8 23:20:02 2012 +0800

    Added first draft of custom User docs.

    Thanks to Greg Turner for the initial text.

commit 75118bd242
Author: Thomas Sutton <me@thomas-sutton.id.au>
Date:   Mon Aug 20 11:17:26 2012 +0800

    Admin app should not allow username discovery

    The admin app login form should not allow users to discover the username
    associated with an email address.

commit d088b3af58
Author: Thomas Sutton <me@thomas-sutton.id.au>
Date:   Mon Aug 20 10:32:13 2012 +0800

    Admin app login form should use swapped user model

commit 7e82e83d67
Merge: e29c010 39aa890
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Fri Sep 7 23:45:03 2012 +0800

    Merged master changes.

commit e29c010beb
Merge: 8e3fd70 30bdf22
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Mon Aug 20 13:12:57 2012 +0800

    Merge remote-tracking branch 'django/master' into t3011

commit 8e3fd703d0
Merge: 507bb50 26e0ba0
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Mon Aug 20 13:09:09 2012 +0800

    Merged recent changes from trunk.

commit 507bb50a92
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Mon Jun 4 20:41:37 2012 +0800

    Modified auth app so that login with alternate auth app is possible.

commit dabe362836
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Mon Jun 4 20:10:51 2012 +0800

    Modified auth management commands to handle custom user definitions.

commit 7cc0baf89d
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Mon Jun 4 14:17:28 2012 +0800

    Added model Meta option for swappable models, and made auth.User a swappable model
2012-09-26 18:48:09 +08:00
Claude Paroz 703c266682 Fixed #18182 -- Made is_usable_password check if hashing algorithm is correct
The display of the ReadOnlyPasswordHashWidget has also been improved to
distinguish empty/unusable password from erroneous password.
Fixed #18453 also.
Thanks danielr and Leo for the reports and Moritz Sichert for the
initial patch.
2012-09-12 11:32:50 +02:00
Adrian Holovaty 4193a0f3d5 Negligible spacing fix in auth/forms.py 2012-09-04 16:47:45 -04:00
Claude Paroz 09a719a4e6 Fixed #7833 -- Improved UserCreationForm password validation
Make UserCreationForm password validation similar to
SetPasswordForm and AdminPasswordChangeForm, so as the match
check is only done when both passwords are supplied.
Thanks Mitar for the suggestion.
2012-08-04 14:55:13 +02:00
Alex Gaynor 3e8d8bb094 Fixed auth to not use an internal implementation detail of SortedDict 2012-07-14 14:33:13 -07:00
Florian Apolloner 52a9e15794 Fixed a regression in the user admin page introduced in a92e7f37c4.
a92e7f37c4 switched most of the internal stuff
to format_html. Using format_html in the `render` method of
`ReadOnlyPasswordHashWidget` caused it to generate `SafeString` instances.
Later these safe strings where returned from `BoundField.__unicode__` which
caused force_unicode to loose the "safe" information. This commit fixes that by
ensuring that the render method returns `SafeUnicode` instead of `SafeString`.
2012-07-07 15:29:20 +02:00
Luke Plant a92e7f37c4 Changed a lot of internal code to use 'format_html' where appropriate/possible 2012-07-03 22:20:12 +01:00
Claude Paroz 70a0351fef Fixed #18184 -- Moved algorithm identification code to hashers module
Thanks Eli Collins for the report and the patch.
2012-06-06 11:06:33 +02:00
Claude Paroz eb286aa22f Delayed encoding of password and salt in password checking.
Applied the rule that string encoding should happen as late as
possible. This is also a preparation for Python 3 compatibility.
2012-06-06 10:53:16 +02:00
Jannis Leidel ae1b7e9699 Reverted the introduction of a translation string in r17775 as it happened after string freeze. Refs #17944.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17779 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2012-03-23 02:31:29 +00:00
Aymeric Augustin a8d0fc1001 Fixed #17944 -- Prevented an error in the user change page of the admin when the content of the password field doesn't match the expected format. Thanks saxix for the report and initial patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17775 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2012-03-22 08:10:19 +00:00
Paul McMillan bf1112de7d Fixed #17777. Unsalted MD5 display widget correction.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17681 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2012-03-12 10:43:59 +00:00
Julien Phalip 991d3d6c12 Slightly improved the help text for the "Password" field in the `auth.User` admin form, and PEP8-cleaned up the area while I was there.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17326 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2012-01-02 14:51:25 +00:00
Aymeric Augustin d72c0bdc46 Fixed #17457 -- Marked strings used in hash descriptions for translation.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17270 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-12-24 19:38:37 +00:00
Paul McMillan dce820ff70 Renovated password hashing. Many thanks to Justine Tunney for help with the initial patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17253 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-12-23 03:46:06 +00:00
Aymeric Augustin c7534584e8 Explained why UserCreationForm performs custom validation of usernames. Refs #13147.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17225 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-12-17 15:30:55 +00:00
Jannis Leidel 5df31c0164 Fixed #17194 -- Made sure the auth form tests work if a language other than English is activated by moving the error message translation strings into class level dictionaries. Many thanks to Claude Paroz, rabio and Bas Peschier for their initial work on this.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17204 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-12-15 16:12:46 +00:00
Adrian Holovaty 718a5ba1a1 Fixed #16845 -- Admin 'Change user' page no longer shows the password hash. Thanks, dstufft
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17185 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-12-09 22:10:03 +00:00
Alex Gaynor 6c91521902 Remove the usage of deprecated function in Django. Also simplify the fallback code.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16985 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-10-14 00:20:50 +00:00
Jannis Leidel 24f4764a48 Fixed #16225 -- Removed unused imports. Many thanks to Aymeric Augustin for the work on the patch and Alex for reviewing.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16539 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-07-13 09:35:51 +00:00
Jannis Leidel 2619dc8285 Fixed #14674 -- Prevent user accounts with an unusable password from resetting passwords. Thanks, summerisgone, thejaswi_puthraya and lrekucki.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16455 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-06-26 16:51:34 +00:00
Jannis Leidel 656360c240 Fixed #12202 -- Removed hardcoded password reset subject and added a subject_template_name parameter to the password_reset view. Thanks, Ramiro Morales, Claude Paroz and agabel.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16438 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-06-19 11:24:39 +00:00
Adrian Holovaty 94af19c43f Changed e-mail to email throughout documentation and codebase. The one exception is translation strings, which I didn't want to disrupt
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15967 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-04-01 16:10:22 +00:00
Carl Meyer 7d71a9e45f Fixed #9213 - Added check to prevent inactive users from resetting their password. Thanks to John Scott for report and draft patch, and Evgeny Fadeev for final patch with test.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15805 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-03-14 21:14:10 +00:00
Jannis Leidel cc64fb5c4b Fixed #8342 -- Removed code from the admin that assumed that you can't login with an email address (nixed by r12634). Also refactored login code slightly to be DRY by using more of auth app's forms and views.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@14769 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-12-02 00:44:35 +00:00
Luke Plant 667d832e90 Fixed #14386, #8960, #10235, #10909, #10608, #13845, #14377 - standardize Site/RequestSite usage in various places.
Many thanks to gabrielhurley for putting most of this together.  Also to
bmihelac, arthurk, qingfeng, hvendelbo, petr.pulc@s-cape.cz, Hraban for
reports and some initial patches.

The patch also contains some whitespace/PEP8 fixes.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@13980 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-10-04 14:20:47 +00:00
Malcolm Tredinnick 4084bc7354 Permit custom from-email address in auth forms email.
Patch from cassidy and Rob Hudson. Fixed #11300.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@13817 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-09-12 22:38:01 +00:00
Luke Plant 303bdc85a7 Fixed #14242 - UserChangeForm subclasses without 'user_permissions' field causes KeyError
This was a regression introduced by [13683]

Thanks to adammckerlie@gmail.com for report.



git-svn-id: http://code.djangoproject.com/svn/django/trunk@13702 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-09-09 23:31:54 +00:00
Luke Plant bdd13a4daa Fixed #14090 - Many sql queries needed to display change user form
Thanks to Suor for report and patch.



git-svn-id: http://code.djangoproject.com/svn/django/trunk@13683 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-09-03 18:56:12 +00:00
Jannis Leidel 7989a78baf Fixed #13000 - Use a dictionary for the error messages definition in user creation and change form. Thanks for the patch, lgs.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12785 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-03-15 12:16:01 +00:00
Jacob Kaplan-Moss c8015052d9 Fixed #5786: relaxed the validation for usernames to allow more common characters '@', etc.
This is really just a stop-gap until we come up with a improved way of handling
disparate auth data, but it should help us stretch a bit more milage out of the
current system.

Thanks to alextreme, lbruno, and clayg.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@12634 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-03-01 19:49:05 +00:00
Jannis Leidel c4470e5ced Make use of new ability to override admin add form templates and removed a litle bit of redundancy in the templates.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12218 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-01-12 23:35:29 +00:00
Joseph Kocherhans 2f9853b2dc Fixed #12512. Changed ModelForm to stop performing model validation on fields that are not part of the form. Thanks, Honza Kral and Ivan Sagalaev.
This reverts some admin and test changes from [12098] and also fixes #12507, #12520, #12552 and #12553.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@12206 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-01-12 02:29:45 +00:00
Joseph Kocherhans 471596fc1a Merged soc2009/model-validation to trunk. Thanks, Honza!
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12098 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-01-05 03:56:19 +00:00
Luke Plant 1306079a02 Fixed #10017 - PasswordResetForm.clean_email was not returning the value.
Thanks Zak Johnson, Leo


git-svn-id: http://code.djangoproject.com/svn/django/trunk@9906 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-02-26 17:11:28 +00:00
Jacob Kaplan-Moss 78d13fb1c2 Fixed #8379: the admin user change form now properly validates the username. Thanks, kratorius.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8544 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-08-25 17:10:20 +00:00
Jacob Kaplan-Moss 15ed0d65b0 Fixed #7833: the user creation form now works when password1 isn't set.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8542 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-08-25 16:55:57 +00:00
Luke Plant 8e24b37610 Cleaned up whitespace
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8214 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-08-05 16:36:20 +00:00
Russell Keith-Magee bf65fd0a80 Fixed #8901 -- Corrected typo in docstring. Thanks to Hayley Bonham <djangocode@vortex.cx> for the report.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8207 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-08-04 12:11:04 +00:00
Luke Plant 8dff194e9b Fixed #3062 - removed arbitrary and unneeded max_length on password fields in auth forms.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8180 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-08-01 21:18:17 +00:00
Luke Plant fcd837cd0f Fixed #7723 - implemented a secure password reset form that uses a token and prompts user for new password.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8162 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-07-31 20:47:53 +00:00
Russell Keith-Magee 99e34c1846 Fixed #8042 -- Modified the password reset form so that the email field length matches the User model. Thanks to Bob Thomas <bthomas@ncircle.com> for the report.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8159 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-07-31 09:08:55 +00:00
Adrian Holovaty 29f0e8182f Fixed #7847 -- Removed a whole bunch of unused imports from throughout the codebase. Thanks, julien
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8046 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-07-22 03:24:09 +00:00
Jacob Kaplan-Moss 46786b4193 Fixed #7741: django.newforms is now django.forms. This is obviously a backwards-incompatible change. There's a warning upon import of django.newforms itself, but deeper imports will raise errors.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@7971 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-07-19 01:22:26 +00:00
Brian Rosner a19ed8aea3 Merged the newforms-admin branch into trunk.
This is a backward incompatible change. The admin contrib app has been
refactored. The newforms module has several improvements including FormSets
and Media definitions.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@7967 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-07-18 23:54:34 +00:00
Malcolm Tredinnick 212aa32e2a Fixed #5798 -- Added a missing translation marker. Thanks, maru.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@6617 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-10-27 04:34:50 +00:00
Gary Wilson Jr 212ee65be7 Fixed #2101 -- Renamed `maxlength` argument to `max_length` for oldforms `FormField`s and db model `Field`s. This is fully backwards compatible at the moment since the legacy `maxlength` argument is still supported. Using `maxlength` will, however, issue a `PendingDeprecationWarning` when used.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@5803 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-08-05 05:14:46 +00:00
Malcolm Tredinnick 953badbea5 Merged Unicode branch into trunk (r4952:5608). This should be fully
backwards compatible for all practical purposes.

Fixed #2391, #2489, #2996, #3322, #3344, #3370, #3406, #3432, #3454, #3492, #3582, #3690, #3878, #3891, #3937, #4039, #4141, #4227, #4286, #4291, #4300, #4452, #4702


git-svn-id: http://code.djangoproject.com/svn/django/trunk@5609 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-07-04 12:11:04 +00:00
Luke Plant 18619a11ee Fixed behaviour of contrib.auth.forms.PasswordResetForm when more than
one User have the same e-mail address.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@5493 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-06-19 20:04:54 +00:00
Russell Keith-Magee f9cdde0cb4 Fixed #3162 -- Added coded to catch and rethrow exceptions that are thrown by the views visited by the test client. Thanks, Ben <afternoon@uk2.net>.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@4482 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-02-11 00:23:31 +00:00
Adrian Holovaty 7180207328 Fixed #3166 -- Added admin 'Change user password' view. Thanks for the patch, SmileyChris
git-svn-id: http://code.djangoproject.com/svn/django/trunk@4266 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2006-12-30 07:16:25 +00:00
Adrian Holovaty 706fcec164 Copied django.forms to django.oldforms and changed all code to reference django.oldforms instead of django.forms. Updated docs/forms.txt to add 'Forwards-compatibility' section that says you should not be using django.oldforms for any new projects.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@4208 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2006-12-15 18:00:50 +00:00
Russell Keith-Magee c3c090ab13 Fixes #2915 -- Fixed typo in validation error message. Thanks, Matt Riggott.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@3908 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2006-10-17 00:45:46 +00:00
Malcolm Tredinnick 6b4eb8bb70 Removed an unnecessary import from r3857. I'd forgotten that _() was put into
the global namespace.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@3863 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2006-09-26 13:59:10 +00:00
Malcolm Tredinnick 9b034d2746 Fixed #2816 -- Marked a couple more translatable strings. Thanks, ramiro.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@3847 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2006-09-26 03:42:27 +00:00